Are looking to understand how to document your SSP? How does the NIST SP 800-171 Scope of Applicability and CMMC Assessment Scope fit in the SSP?

In this “At the CMMC Churns,” we take the Scope of Applicability, turn it into a diagram, and incorporate it into your SSP. Yes, incredibly exciting!!! A very foundational to building a solid SSP.

This episode builds on two previous Churns episodes:

  1. How to apply the NIST SP 800-171 Scope of Applicability (
  2. The Three Descoping Methods ( We also reference the NIST SP 800-171 and CMMC Level 2 Assessment Scoping Process Diagram at

Upcoming “As the CMMC Churns” Episodes:
– 2 Feb: Apple Macs and CMMC
– 8 Feb: DIBCAC Frequent Gaps
– 16 Feb: Vulnerability Management for Remote Workers
– 23 Feb: We’ll be at CUI-CON (

Peak InfoSec Homepage:
As the CMMC Churns Episodes:
Contact Peak InfoSec for Support: